CVEs from 2026

Summary
- Total: 14,075
- Critical: 1,239 (8.8% of total)
- High: 4,663
- Medium: 4,449
- Low: 488
- With a CISA KEV entry: 0.4%
- With a known exploit: 0.7%

The four severity buckets sum to 10,839, so 3,236 of the 14,075 entries fall in none of the four severity buckets shown.

Top products (entry count)
- chrome: 522
- firepower_threat_defense_software: 300
- firepower_threat_defense: 298
- gcp: 239
- openclaw: 172
- commerce: 104
- commerce_b2b: 89
- grafana: 80
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8739 | medium | 5.3 | 5.3 | 17d ago | A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigC… | |||
| CVE-2026-8737 | medium | 5.3 | 5.3 | 17d ago | A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListD… | |||
| CVE-2026-8723 | medium | 5.3 | 5.3 | 18d ago | `qs.stringify` throws `TypeError` when called with `arrayFormat: 'comma'` and `encodeValuesOnly: true` on an array containing `null` or `undefined`. The throw is synchronous and not ha… | |||
| CVE-2026-8681 | medium | 5.3 | 5.3 | 19d ago | The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due to the plugin not properly verifying that a user is auth… | |||
| CVE-2026-44309 | medium | 5.3 | 5.3 | 19d ago | Gitsign is a keyless Sigstore signing tool for Git commits using a GitHub / OIDC identity. Prior to 0.16.0, gitsign verify and gitsign verify-tag re-encode commit/tag objects through go-git's … | |||
| CVE-2026-8454 | medium | 5.3 | 5.3 | 19d ago | Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. Imager::File::GIF's i_readgif_multi_low allocates a single per-row buffer G… | |||
| CVE-2026-8612 | medium | 5.3 | 5.3 | 20d ago | WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution. With no explicit cache… | |||
| CVE-2026-45248 | medium | 5.3 | 5.3 | 20d ago | Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user inform… | |||
| CVE-2026-45397 | medium | 5.3 | 5.3 | 20d ago | Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure | |||
| CVE-2026-8583 | medium | 5.3 | 5.3 | 20d ago | Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informa… | |||
| CVE-2026-8582 | medium | 5.3 | 5.3 | 20d ago | Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium se… | |||
| CVE-2026-8546 | medium | 5.3 | 5.3 | 20d ago | Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information fr… | |||
| CVE-2026-8543 | medium | 5.3 | 5.3 | 20d ago | Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive infor… | |||
| CVE-2026-8541 | medium | 5.3 | 5.3 | 20d ago | Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory vi… | |||
| CVE-2026-8538 | medium | 5.3 | 5.3 | 20d ago | Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf… | |||
| CVE-2026-8535 | medium | 5.3 | 5.3 | 20d ago | Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informati… | |||
| CVE-2026-8516 | medium | 5.3 | 5.3 | 20d ago | Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia… | |||
| CVE-2026-24000 | medium | 5.3 | 5.3 | 20d ago | Fleet has a rate limiting bypass via untrusted client IP headers | |||
| CVE-2026-38740 | medium | 5.3 | 5.3 | 20d ago | Foscam VD1 Video Doorbell before V5.3.13_1072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol (SDP), including ICE creden… | |||
| CVE-2026-45292 | medium | 5.3 | 5.3 | 20d ago | opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggag… | |||
| CVE-2026-42593 | medium | 5.3 | 5.3 | 20d ago | Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes | |||
| CVE-2026-42592 | medium | 5.3 | 5.3 | 20d ago | Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes | |||
| CVE-2026-41933 | medium | 5.3 | 5.3 | 20d ago | Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths lacking pro… | |||
| CVE-2026-24711 | medium | 5.3 | 5.3 | 20d ago | Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control. | |||
| CVE-2026-45205 | medium | 5.3 | 5.3 | 20d ago | Apache Commons Configuration: StackOverflowError for YAML input with cycles | |||
| CVE-2026-6206 | medium | 5.3 | 5.3 | 20d ago | The MW WP Form plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.1.2 via the _get_post_property_from_querystring() function due to insufficient restri… | |||
| CVE-2026-6145 | medium | 5.3 | 5.3 | 20d ago | The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is due to the is_admin_creation_process() method relyi… | |||
| CVE-2026-44381 | medium | 5.3 | 5.3 | 21d ago | MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow … | |||
| CVE-2026-44379 | medium | 5.3 | 5.3 | 21d ago | MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field. As a result, a user able to create or mo… | |||
| CVE-2026-44373 | medium | 5.3 | 5.3 | 21d ago | Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal (..%2f) in the URL, causing Nitro to forward… | |||
| CVE-2026-33584 | medium | 5.3 | 5.3 | 21d ago | Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Sym… | |||
| CVE-2026-44457 | medium | 5.3 | 5.3 | 21d ago | Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage | |||
| CVE-2026-44431 | medium | 5.3 | 5.3 | 21d ago | urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=Fa… | |||
| CVE-2026-44294 | medium | 5.3 | 5.3 | 21d ago | protobuf.js: Denial of service from crafted field names in generated code | |||
| CVE-2026-44292 | medium | 5.3 | 5.3 | 21d ago | protobuf.js: Prototype injection in generated message constructors | |||
| CVE-2026-44288 | medium | 5.3 | 5.3 | 21d ago | protobufjs has overlong UTF-8 decoding | |||
| CVE-2026-40435 | medium | 5.3 | 5.3 | 21d ago | When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Note: Software versions which have reached End of Technical Su… | |||
| CVE-2026-34019 | medium | 5.3 | 5.3 | 21d ago | When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD pack… | |||
| CVE-2026-8463 | medium | 5.3 | 5.3 | 21d ago | Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empty encoded input. The auto-detect form of argon2_verify passes encoded_len - 1 as the… | |||
| CVE-2026-7168 | medium | 5.3 | 5.3 | 21d ago | Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the proxy host to a second one (`proxyB`) for a second transfer, reu… | |||
| CVE-2026-7009 | medium | 5.3 | 5.3 | 21d ago | When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and inste… | |||
| CVE-2026-6429 | medium | 5.3 | 5.3 | 21d ago | When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances. | |||
| CVE-2026-2515 | medium | 5.3 | 5.3 | 21d ago | The Hostinger Reach – AI-Powered Email Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle_ajax_action' fu… | |||
| CVE-2026-6965 | medium | 5.3 | 5.3 | 21d ago | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.9.9. This is due to the `get_course_id_by… | |||
| CVE-2026-8200 | medium | 5.3 | 5.3 | 22d ago | When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This is… | |||
| CVE-2026-44341 | medium | 5.3 | 5.3 | 22d ago | GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. Th… | |||
| CVE-2026-34654 | medium | 5.3 | 5.3 | 22d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result i… | |||
| CVE-2026-23822 | medium | 5.3 | 5.3 | 22d ago | A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an at… | |||
| CVE-2026-42177 | medium | 5.3 | 5.3 | 22d ago | linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter i… | |||
| CVE-2026-31245 | medium | 5.3 | 5.3 | 22d ago | mem0 server lacks authentication and authorization controls for its memory creation API endpoint | |||
| CVE-2026-25431 | medium | 5.3 | 5.3 | 22d ago | Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1. | |||
| CVE-2026-33603 | medium | 5.3 | 5.3 | 22d ago | Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the c… | |||
| CVE-2026-45215 | medium | 5.3 | 5.3 | 22d ago | Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data. This issue affects WP EasyPay: from n/a through <= 4.3.0. | |||
| CVE-2026-45212 | medium | 5.3 | 5.3 | 22d ago | Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Asset … | |||
| CVE-2026-7626 | medium | 5.3 | 5.3 | 22d ago | The Slek Gateway for WooCommerce plugin for WordPress is vulnerable to Information Exposure in version 1.0. This is due to the wsb_handle_slek_payment_redirect() function placing the merchant's slek_… | |||
| CVE-2026-6708 | medium | 5.3 | 5.3 | 22d ago | The HEL Online Classroom: AI-powered Online Classrooms plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.3. This is due to a missing capability che… | |||
| CVE-2026-5693 | medium | 5.3 | 5.3 | 22d ago | The Smart Appointment & Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check and a nonce validation logic flaw in the saab_cancel_booking(… | |||
| CVE-2026-8319 | medium | 5.3 | 5.3 | 23d ago | aiwaves-cn agents is vulnerable to resource consumption in the recall_relevant_memories_to_working_memory function | |||
| CVE-2026-6146 | medium | 5.3 | 5.3 | 23d ago | Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys. Amazon::Credentials stores credentials in an obfuscated form to prevent access to the secrets from a data d… | |||
| CVE-2026-41159 | medium | 5.3 | 5.3 | 23d ago | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies… | |||
| CVE-2026-41150 | medium | 5.3 | 5.3 | 23d ago | Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, i… | |||
| CVE-2026-8318 | medium | 5.3 | 5.3 | 23d ago | A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file pageindex/page_in… | |||
| CVE-2026-45002 | medium | 5.3 | 5.3 | 23d ago | OpenClaw: Hook mapping templates could bypass hook session-key opt-in | |||
| CVE-2026-44999 | medium | 5.3 | 5.3 | 23d ago | OpenClaw: Isolated cron awareness events were recorded as trusted system events | |||
| CVE-2026-44994 | medium | 5.3 | 5.3 | 23d ago | OpenClaw before 2026.4.22 contains an authentication bypass vulnerability in the Control UI bootstrap config endpoint that allows unauthenticated attackers to read sensitive configuration fields. Att… | |||
| CVE-2026-44226 | medium | 5.3 | 5.3 | 23d ago | PyLoad vulnerable to unauthenticated traceback disclosure via global exception handler in WebUI | |||
| CVE-2026-34093 | medium | 5.3 | 5.3 | 23d ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.P… | |||
| CVE-2026-44201 | medium | 5.3 | 5.3 | 23d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, the Documents and Images API incorrectly listed items in private collections. A user with access t… | |||
| CVE-2026-1677 | medium | 5.3 | 5.3 | 23d ago | Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to … | |||
| CVE-2026-8274 | medium | 5.3 | 5.3 | 23d ago | A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the component Directory Handler. Such manipulation leads t… | |||
| CVE-2026-8258 | medium | 5.3 | 5.3 | 24d ago | A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The at… | |||
| CVE-2026-28994 | medium | 5.3 | 5.3 | 24d ago | watchOS 26.5 | |||
| CVE-2026-45179 | medium | 5.3 | 5.3 | 24d ago | Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host o… | |||
| CVE-2026-8244 | medium | 5.3 | 5.3 | 24d ago | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVe… | |||
| CVE-2026-8243 | medium | 5.3 | 5.3 | 24d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to… | |||
| CVE-2026-8241 | medium | 5.3 | 5.3 | 24d ago | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lea… | |||
| CVE-2026-8215 | medium | 5.3 | 5.3 | 25d ago | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of… | |||
| CVE-2026-8214 | medium | 5.3 | 5.3 | 25d ago | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results… | |||
| CVE-2026-8210 | medium | 5.3 | 5.3 | 25d ago | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update H… | |||
| CVE-2026-8198 | medium | 5.3 | 5.3 | 25d ago | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including… | |||
| CVE-2026-32683 | medium | 5.3 | 5.3 | 25d ago | Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to… | |||
| CVE-2026-7652 | medium | 5.3 | 5.3 | 26d ago | The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0. This is due… | |||
| CVE-2026-44656 | medium | 5.3 | 5.3 | 26d ago | Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick… | |||
| CVE-2026-42190 | medium | 5.3 | 5.3 | 26d ago | RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions | |||
| CVE-2026-41495 | medium | 5.3 | 5.3 | 26d ago | n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests | |||
| CVE-2026-42028 | medium | 5.3 | 5.3 | 26d ago | novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend… | |||
| CVE-2026-44500 | medium | 5.3 | 5.3 | 26d ago | Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers | |||
| CVE-2026-41423 | medium | 5.3 | 5.3 | 26d ago | Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server | |||
| CVE-2026-41161 | medium | 5.3 | 5.3 | 26d ago | Sync-in Server has Username Enumeration via Timing Attack | |||
| CVE-2026-44928 | medium | 5.3 | 5.3 | 26d ago | In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. | |||
| CVE-2026-44927 | medium | 5.3 | 5.3 | 26d ago | In uriparser before 1.0.2, there is pointer difference truncation to int in various places. | |||
| CVE-2026-41645 | medium | 5.3 | 5.3 | 27d ago | Nuclei: Environment variable disclosure via Response-Derived DSL Expressions | |||
| CVE-2026-8115 | medium | 5.3 | 5.3 | 27d ago | short-video-maker has a path traversal vulnerability | |||
| CVE-2026-41928 | medium | 5.3 | 5.3 | 27d ago | Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access … | |||
| CVE-2026-42241 | medium | 5.3 | 5.3 | 27d ago | ParquetSharp: Possible Stack Overflow When Reading a ParquetFile with Large Decimal Type Width | |||
| CVE-2026-39825 | medium | 5.3 | 5.3 | 27d ago | ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize… | |||
| CVE-2026-39819 | medium | 5.3 | 5.3 | 27d ago | The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one… | |||
| CVE-2026-42878 | medium | 5.3 | 5.3 | 27d ago | FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t… | |||
| CVE-2026-27416 | medium | 5.3 | 5.3 | 27d ago | Missing Authorization vulnerability in bPlugins PDF Poster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Poster: from n/a through 2.4.1. | |||
| CVE-2026-27329 | medium | 5.3 | 5.3 | 27d ago | Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH WooC… |
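As an added example (not code from this page or from any project it lists), the Python below parses rows in the table format above into records and sanity-checks them the way a triage script would: the CVE identifier must be well-formed, the publication age must parse, and the severity label must agree with the CVSS v3.x qualitative bands published by FIRST (0.1 to 3.9 low, 4.0 to 6.9 medium, 7.0 to 8.9 high, 9.0 to 10.0 critical). Assumptions: the cell order is taken from the data rows as scraped (CVE, Severity, CVSS, Risk, Published, Description), not from the original header; the sample rows are copied from the table with their descriptions truncated; the meaning of the Risk column is unknown, so it is carried through but not checked.

```python
"""Parse and sanity-check rows of a CVE listing table (added example, not page code)."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Sample rows copied from the listing above; descriptions truncated, nothing fabricated.
SAMPLE_TABLE = """\
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8739 | medium | 5.3 | 5.3 | 17d ago | A vulnerability was detected in Sanluan PublicCMS 5.202506.d. | |||
| CVE-2026-44431 | medium | 5.3 | 5.3 | 21d ago | urllib3 is an HTTP client library for Python. | |||
| CVE-2026-8583 | medium | 5.3 | 5.3 | 20d ago | Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 | |||
"""

CVE_ID = re.compile(r"^CVE-(\d{4})-(\d{4,})$")   # MITRE syntax: year, then 4+ digits
AGE = re.compile(r"^(\d+)d ago$")                # relative age as shown in the table

# CVSS v3.x qualitative severity bands as published by FIRST.
BANDS = (("low", 0.1, 3.9), ("medium", 4.0, 6.9),
         ("high", 7.0, 8.9), ("critical", 9.0, 10.0))


@dataclass
class Record:
    cve: str
    year: int
    severity: str
    cvss: float
    risk: float
    age_days: int
    description: str


def band_for(score: float) -> Optional[str]:
    """Map a CVSS v3.x base score to its band; None for 0.0 (no severity) or out of range."""
    for name, lo, hi in BANDS:
        if lo <= score <= hi:
            return name
    return None


def parse_row(line: str) -> Record:
    # Cell order follows the scraped data rows (assumption stated in the lead-in):
    # CVE, Severity, CVSS, Risk, Published, Description; the Flags/OS/Vendor cells
    # are empty and trail the description, so only the first six cells are used.
    cells = [c.strip() for c in line.strip().strip("|").split("|")]
    if len(cells) < 6:
        raise ValueError(f"expected at least 6 cells, got {len(cells)}: {line!r}")
    cve, severity, cvss, risk, published, description = cells[:6]
    m = CVE_ID.match(cve)
    if not m:
        raise ValueError(f"malformed CVE id: {cve!r}")
    a = AGE.match(published)
    if not a:
        raise ValueError(f"unparsed publication age: {published!r}")
    return Record(cve, int(m.group(1)), severity.lower(), float(cvss),
                  float(risk), int(a.group(1)), description)


def parse_table(text: str) -> List[Record]:
    """Parse every data row, skipping the header and separator lines."""
    records = []
    for line in text.splitlines():
        if not line.startswith("|") or line.startswith("|---") or line.startswith("| CVE |"):
            continue
        records.append(parse_row(line))
    return records


def check(rec: Record, listing_year: int = 2026) -> List[str]:
    """Return consistency findings for one record; an empty list means it looks sane."""
    findings = []
    expected = band_for(rec.cvss)
    if expected != rec.severity:
        findings.append(f"{rec.cve}: severity {rec.severity!r} but CVSS {rec.cvss} maps to {expected!r}")
    if rec.year != listing_year:
        findings.append(f"{rec.cve}: id year {rec.year} does not belong in a {listing_year} listing")
    return findings


def summarize(records: List[Record]) -> Dict[str, object]:
    """Counts per severity label and percentage critical, as the page's summary shows."""
    counts: Dict[str, int] = {}
    for r in records:
        counts[r.severity] = counts.get(r.severity, 0) + 1
    total = len(records)
    pct = round(100.0 * counts.get("critical", 0) / total, 1) if total else 0.0
    return {"total": total, "by_severity": counts, "pct_critical": pct}


if __name__ == "__main__":
    recs = parse_table(SAMPLE_TABLE)
    for r in recs:
        for finding in check(r):
            print("WARN", finding)
    # Constructed mismatched row (hypothetical id) to show the checks firing.
    bad = parse_row("| CVE-2025-1234 | high | 5.3 | 5.3 | 3d ago | constructed row | |||")
    print(check(bad))
    print(summarize(recs))
```

The band check is the one worth keeping in any feed-ingestion script: a label that disagrees with its score usually means the label came from a different scoring version (v2 vs v3.x) or from a vendor rating, and that is exactly the kind of silent drift that skews counts like the 8.8% critical figure above.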